Vishing is the phone's version of email phishing and uses automated voice messages to steal confidential information. The term is a combination of "voice" and "phishing."
KnowBe4 now allows you to send this type of simulated phone attacks to your users. Vishing is a type of social engineering. These attacks try to trick an employee into giving out confidential information via a phone call.
Vishing attacks use a spoofed caller ID, which can make the attack look like it comes from either a known number or perhaps an 800-number that might cause the employee to pick up the phone. Vishing often uses VoIP technology to make the calls.
Vishing is an extremely useful tool for attackers, because their targets do not have time to think the situation through prior to providing information to the attacker and can easily be confused by alarming claims. Vishing attacks can be focused on all employees, or against employees that mainly deal with people outside the organization. Departments like the help desk, PR, Sales, and HR are good to include in vishing security tests.
With this module you can test your end-users with simulated interactive voice response (IVR) attacks over the phone. Upload a CSV file with their phone numbers and choose a Kevin Mitnick VST Scenario™. Note that VST’s are part of the Platinum pricing level. Screenshot here.
Having all employees step through security awareness training and sending them simulated phishing and also vishing attacks, is an essential element of your defense-in-depth! Download this page as a PDF Datasheet.
Find out how affordable this is for your organization. Click here to get a demo:
Related Pages: Social Engineering